Closed calvinmetcalf closed 9 years ago
I didn't explicitly define flush though I suppose I should and just have it call final()
. Ultimately though the data should be verified as it's my understanding that calling setAuthTag
ensures that any data that doesn't verify results in final
being thrown.
From the docs:
If no tag is provided or if the ciphertext has been tampered with, final will throw, thus indicating that the ciphertext should be discarded due to failed authentication.
Maybe my understanding of the inner workings here are wrong. I didn't actually verify this assumption in the source.
Either way I'm opening a PR now to add _flush
and explicitly call .final
Given the change in #4 I think we can close this issue as it's being addressed.
you never _flush the decryption stream